A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts.
References
Link | Resource |
---|---|
https://tvn.twcert.org.tw/taiwanvn/TVN-201910005 | Third Party Advisory |
https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2020-02-03T00:00:00
Updated: 2020-02-11T15:55:42
Reserved: 2019-12-20T00:00:00
Link: CVE-2020-3925
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-03T11:15:12.527
Modified: 2020-02-12T14:55:17.453
Link: CVE-2020-3925
JSON object: View
Redhat Information
No data.
CWE